﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
public partial class _Default : System.Web.UI.Page
{
    Dataconnect conn = new Dataconnect();
    SqlCommand cmd = null;
    SqlDataReader dr = null;
   String strpass;
   protected void ChangePass()
   {
       

           strpass = Encript.mahoa(txt_pass2.Text);
           cmd = new SqlCommand();
           cmd.Connection = conn.Connect();
           cmd.CommandText = "proc_ChangePassStaff";
           cmd.CommandType = CommandType.StoredProcedure;
           cmd.Parameters.AddWithValue("@username", Session["StaffUserame"].ToString());
           cmd.Parameters.AddWithValue("@password", strpass);
           if (cmd.ExecuteNonQuery() > 0)
           {
               Response.Write("<script>alert('change password succecc!!!')</script>");
           }
           else
           {
               Response.Write("<script>alert(' change password error!!!')</script>");
           }
   }
   protected void CheckPass()
   {
       

           strpass = Encript.mahoa(txt_olderPass.Text);
           cmd = new SqlCommand();
           cmd.Connection = conn.Connect();
           cmd.CommandText = "selectStaffPass";
           cmd.CommandType = CommandType.StoredProcedure;
           cmd.Parameters.AddWithValue("@username", Session["StaffUserame"].ToString());
           dr = cmd.ExecuteReader();
           if (dr.Read())
           {
               ChangePass();
           }
           else
           {
              Response.Write("<script>alert(' sai pass!!!')</script>");
          }
   }
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack == false)
        {
            if ( Session["StaffUserame"] == null)
            {
                Response.Redirect("Login.aspx");
            }
            else if (Session["StaffUserame"] != null)
            {
                lbl_name.Text = Session["StaffUserame"].ToString();
                lbtn_logIn.Visible = false;
                lbtn_logout.Visible = true;
            }
          
        }
    }
    protected void btn_ChangePass_Click(object sender, EventArgs e)
    {
        if (txt_olderPass.Text != null)
        {
            CheckPass();
        }
        else {
            Response.Write("<script>alert('text is not null')</script>");
        }
    }
    protected void lbtn_logout_Click(object sender, EventArgs e)
    {
        Session["AdminUserame"] = null;
        Response.Redirect("Login.aspx");
    }
}